As already discussed, the legacy systems and legacy applications are old software sys-tems that use outdated technology, but are still a critical part of the organization’s oper-ation. With the popularity of the Internet of Things (IoT) and cloud computing some of the software systems and applications that were earlier considered modern, could now be considered legacy systems and legacy applications. In this thesis the following soft-ware applications are consider as legacy applications: desktop applications, ClickOnce applications, and web portal applications.
3.1 Desktop application
Desktop application is a software application, that is installed on a single computer. Each user has a separate application instance and they work independently from each other.
The instances could work with a central database as in figure 3.1 or with a local database.
The desktop application is specifically developed to run on a specific operating system such as Windows, Linux or Mac. The desktop application is usually designed to run on an isolated on-premise environment, which means they have fewer security issues. This can also mean that the desktop application can possibly work without internet connection, if the application is designed that way. This is another common characteristic of the desktop applications. The desktop applications are updated by the end-user, but for industrial desktop applications they are usually updated by a specific support personnel, who has to come to the customer site to install the update. [32]
Figure 3.1.Simplified desktop application usage illustration with central database.
Benefits of the desktop applications are that they don’t necessarily rely on the internet connection, they offer strong privacy, they rely only on computer’s resources which can make them perform better, there are low hosting costs, and the desktop applications re-quire usually only one-time payment. The disadvantage of the desktop applications is that they lack portability, so they can be used only on the computer where they are installed.
The earlier mentioned manual updating process is also a disadvantage for desktop ap-plications. The desktop application also requires storage space from the computer, so it can be installed. In addition to storage space the computer must meet other system requirements such as specific operating system for application to work on that computer.
[33]
3.2 ClickOnce application
ClickOnce application is Windows-based application that is similar to normal desktop ap-plication, but it is published using ClickOnce technology. The ClickOnce deployment tech-nology enables the application to be installed and run with minimal user interaction, and
the technology can enable the application to check for updates by itself. ClickOnce tech-nology has three ways to publish the application: from a Web page, from a network file share, or from external media such as CD-ROM. The deployment through a link in a web site is the most common deployment strategy. When using automatic application updating, ClickOnce application has different strategies for performing the updating pro-cess. The default strategy is that the application checks for updates before the applica-tion starts. If there are updates published to any of the files of the applicaapplica-tion, they will be downloaded and then the updated application is reinstalled to the computer automatically.
The update process is illustrated in the figure 3.2. The updating strategy is determined by the application developer and not by the application user. [34]
Figure 3.2.Activity diagram of the ClickOnce application update process.
The ClickOnce application is isolated and self-contained, and cannot therefore interfere with other applications. Therefore the application cannot harm existing applications in the client computer. Downside for that is that if the developed application would need to com-municate with other applications on the machine or ability to customize a segment of the client machine, it is not possible with ClickOnce application. Other characteristic of the ClickOnce application is that it enables non-administrative users to install the application.
[34] The ClickOnce application is installed and run from secure per-user, per-application cache. The cache is a family of hidden directories under current user’s profile folder. The user cannot control the installation location of the application. Since the application is run from the per-user, per-application cache, ClickOnce applications lack the portability of sharing work between different devices, just like the desktop applications. ClickOnce application requires that the client computer has a Windows operating system. The appli-cation also needs Internet Explorer or Microsoft Edge to work correctly. ClickOnce could be made to work with other browsers, but the other browsers would need some sort of extensions. [35]
3.3 Web portal application
Web portal is a web-based platform that provides user with a single access point to infor-mation. It serves as a gateway to other resources that can provide user with personalized information. Thus, a web portal can be seen as a type of a web page. Unlike desktop ap-plications and ClickOnce apap-plications, web portal application doesn’t need to be installed on the user computer, but instead it is used through a browser. Web portal requires an application server to host the web portal infrastructure and a web server to respond user requests. Compared to the web pages web portals have more complex infrastructure which consists of elements, such as web crawler and metadata, that the web portal re-quires to work properly and to provide the needed functionality. [36, pp. 162–164] Figure 3.3 shows the typical architecture of the enterprise portal.
Figure 3.3.Typical enterprise portal architecture [37, p. 13]
Web portals are privately accessible and only users with correct login credentials can see the content provided by the web portal. The user interface handles the Hypertext Transfer Protocol (HTTP) requests made by the user and aggregates appropriate responses and content based on the requests. [37] This is typical communication of the client-server model. The information provided to the user dynamically changes based on the HTTP requests. Even though the web portal is a dynamic application compared to a web page, it doesn’t interact with the user in real-time. This is because the content on the user interface changes only after the web server has responded to the HTTP request and the application server has aggregated the information for the user interface, which formats appropriate HTML page for the user. [37]
3.4 Web application
Web applications are not very new technology, but they have evolved tremendously over the years, and are used by companies and individual people in their everyday life. The concept of web application appeared first time in Java language in 1999. In 2005 Ajax was introduced, which enabled responsive web design and web app development as well as asynchronous web applications. [38] Web application can be defined as a com-puter program that is accessed using a web browser. In more detailed definition, the web applications are client-server programs, which means they have client-side and the server-side. The client refers to the program the user uses to run the application and
the server refers to the application that stores and provides the data. In web application’s case the application needs three elements to work: a web server to handle user requests, an application server to execute requested tasks, and a database to store information. In addition to these elements the user needs a working internet connection to access the web application. [39]
Like web portal applications neither web applications need installation on the computer and they can be used on any platform with web browser. The web applications require less maintenance and they are always up to date, because the updates are applied cen-trally. This way there are no compatibility issues, because all users are accessing the same version of the application. [39, 40] Web applications can be either static or dynamic depending on do they require server-side processing and scripting [41]. The dynamic web application uses server-side processing and scripts to generate the requested information from its database to the client as illustrated in the figure 3.4.
Figure 3.4. Simplified sequence diagram of the dynamic web application data access process.
The processing in the server-side makes the data extraction fast and efficient. The dy-namic web applications are more common now and static web applications are becoming obsolete technology. The benefits of the web applications has led the companies to shift from traditional desktop applications to the web-based technologies. [39, 40, 41]
3.5 Cloud application
Cloud applications are one of the newest technological advances and they are gaining more popularity. Cloud application is an internet-based program that is deployed in the cloud environment. The user interacts with the application via a web browser or a native application, like desktop or mobile application. Cloud application is sometimes referred as a cloud-based application or a cloud computing application. The cloud refers to a group of remote servers, computers and data storage systems that are maintained and run by the cloud service provider. The similarity between cloud application and web application is that they both operate on the data that is located on a remote server or sometimes on an on-premise server. The main difference between these two however is that the web application needs working continuous internet connection, while the cloud application can still process tasks on a local computer while being offline by using native application and storing the changes locally. [42, 43]
Being independent from internet connection is the only similarity between the cloud appli-cation and a desktop appliappli-cation. The difference between cloud appliappli-cation and a desktop application, in addition to accessing the data located in a remote server through internet, is that the cloud applications are mostly platform-independent whereas the desktop appli-cations are designed for a specific operation systems. The version control and updating is also different, because desktop applications are installed and updated by end-user or IT-support on site, while the cloud applications’ versions are updated to the cloud envi-ronment and the users can only run the available version. So in a way cloud applications combine the benefits of the web applications and the desktop applications. [42, 43]
There are multiple benefits to the use of cloud applications. These benefits include:
• Reduced costs: The infrastructure and IT costs are lower, because the cloud provider is hosting the software, so the developer doesn’t need to invest in the servers and associated infrastructure, and also the software license costs could be lower with cloud applications. The consumer usually only pays for the resources they use, and the cloud service costs are kept low, due to the competition in the market between the cloud service providers.
• Scalability: The cloud application’s resources and capacity can easily be scaled up and down depending on the user demand.
• Reliability: Cloud applications have access to more computing resources than it
would be feasible to have on-site.
• Accessibility: Users can access and interact with the application with any device that has internet connection. [42, 43, 44]
There are three main service models for the cloud applications. These service models are Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). As already discussed in the section 2.4 in the IaaS service model, a cloud service provider provides the hardware, the infrastructure that the software developers use to run their application, and the support services for the infrastructure. The customer provides the middleware, the application, and the application support. In the SaaS service model the cloud service provider provides the software application, and the hardware and infrastructure where the application runs. The cloud service provider also provides the support for the systems and the application. In the PaaS service model the cloud service provider provides the infrastructure, operating systems, middleware, and some of the development software, which the software developer uses to develop and run their application. [42, 43, 44]
As discussed in the section 2.4 cloud applications have four deployment models which are private cloud, public cloud, hybrid cloud, and community cloud. However the community cloud deployment model is not referred in the literature as much as the other three deploy-ment models. With private cloud the cloud’s infrastructure and resources are exclusively used by a single organization. The private cloud infrastructure is usually built on-site, but it can also be hosted and maintained by third party company off-site. The private cloud environment is used by organizations with strict security requirements, because the pri-vate cloud environment acts like a pripri-vate network. Public cloud infrastructure is shared between users, but each user gets their own cloud environment within that infrastructure.
The public cloud service is run on the cloud provider’s platform and the cloud provider is responsible for the security and maintenance of the cloud infrastructure. The public cloud environment is used by companies that require flexible, easily scalable, and cost-effective way to access cloud resources. The hybrid cloud combines the public and private clouds into a single cloud environment. An on-site IT organization shares data and applications between on-premise servers and third party public cloud applications. This solution is used by companies that want to manage corporate data in the on-premise servers and databases, and store less sensitive data with a third party solution. [42, 45]
3.6 Moving from legacy applications to web and cloud applications in automation systems
Automation systems have traditionally been operated through desktop applications from the control room in an isolated environment. The desktop applications are designed to run on a specific operating system and with the case of the old automation systems
their operating systems, like Windows XP or Windows Server 2003, are now obsolete, because they are no longer supported. The organizations will need to eventually upgrade their systems and control applications to newer versions and to newer technologies to ensure their system’s security, and because they are missing out on features of the new industrial technologies. [46]
The Internet of Things (IoT) technology in the industrial sector, also known as Industrial Internet of Things (IIoT), has gained large popularity in the last few years. The IIoT trans-forms the industrial and business operations by adding smart connectivity to machines, people, and processes. With the rising volumes of the data produced and processed, and the requirement for reliable and efficient Machine to Machine (M2M) and Human-to-Machine (H2M) interactions, the need for both IIoT solutions and cloud computing is becoming more imperative. [47]
The IIoT technologies have the following characteristics: the interconnection of equip-ment, the transmission of the equipment data to a cloud platform through Ethernet, and the use of cloud platform data to connect with more devices. These characteristics en-able IIoT solutions to respond for these new needs and requirements by integrating net-work connectivity, machine learning in sensors and computing, big data produced by the sensors, M2M communication, and the traditional automation technologies. This conver-gence of the information technologies (IT), operation technologies (OT), and IoT allows operations to be handled in several ways, such as traditional way from the control room and remotely via web browser or using the IoT application on PC, tablet, or smartphone.
This creates business opportunities for organizations, while also improving industrial pro-duction efficiency and saving propro-duction and equipment costs. [48, 49]
3.7 Concerns and challenges in legacy system migration
When migrating legacy systems, there are concerns and challenges that should be thought of and addressed. The challenges are both organisational and technical as Stavru et al.
have examined in their study [50]. The organisational challenges include trust in the cloud provider and how the provider addresses the security and privacy requirements of the or-ganisation, the vendor lock-in which is a major concern for organisations, acquisition of new competences and expertise required by the new technologies, and the delegation of the data governance. The technological challenges include architecture constraints, maintenance and monitoring as well as troubleshooting difficulties with the cloud infras-tructure, and a concern about cloud interoperability. [10, 50] Even though the security and privacy are listed in the organisational challenges, they are also part of the technical challenges related to the migration.
The legacy system’s architecture is usually designed long time ago before the cloud ap-plications existed. Because of this the architecture of the legacy system might not be
designed to support the cloud characteristics such as multi-tenancy and resource elastic-ity. This is a concern that needs to be addressed in the migration process. [4] One other significant challenge in legacy system migration is to retain legacy system’s functionality and causing as little as possible disruption to the existing operational and business envi-ronments during the migration process [1]. This usually means running the legacy system and the new system in parallel for some time, which is a challenge of its own.
In the industrial community the professionals have faced various challenges in the legacy system projects. Time constraints are one of the biggest challenge they have faced. The time constraints cause lack of resources for the modernization project and can evidently lead to rejecting the modernization project or start it over from scratch. Also one critical challenge is the data migration from old databases to the newer systems. Other chal-lenges they have faced are complex system architecture issues, and lack of knowledge about the legacy system which causes also difficulty to identify, extract, and prioritize the business logic. [51]
Desktop application are designed to operate in a secure environment, where the user inputs usually can be trusted and checked for only accidental mistakes. When migrating desktop application to a web-based environment, the application needs to be protected from the malformed inputs which purpose is to disable application’s normal operation.
[52] With desktop applications a big challenge might be to understand the application’s dependencies. It might be difficult to figure out which .exe executable files and which .dll extension files are dependent of each other, and whether application is dependent on other applications. [53] The dependency concerns might occur also with ClickOnce application’s files because like desktop applications they are installed on the computer.
With web-based application such as web applications and web portal applications there are usually implemented some sort of access control management policy that handles the user authentication and data access control. When migrating web-based legacy system, and if the original access control is wanted in the new system, the original access control needs to be tuned to include multi-tenancy in the user authentication [54].